Slashdot Mirror

← Back to Stories (view on slashdot.org)

Privacy-Centric Linux Distro Tails 3.0 Will Drop 32-Bit Processor Support (betanews.com)

Posted by EditorDavid on from the chasing-its-Tails dept.

All of its outgoing connections are routed through Tor, and it even blocks non-anonymous connections. You can carry it around on a USB stick, and Edward Snowden uses it. But a big change is coming with Tails 3.0. BrianFagioli quotes BetaNews: Unfortunately for some users, Tails will soon not work on their computers. The upcoming version 3.0 of the operating system is dropping 32-bit processor support. While a decline in compatibility is normally a bad thing, in this case, it is good. You see, because there are so few 32-bit Tails users, the team was wasting resources by supporting them. Not to mention, 64-bit processors are more secure too...

"In the beginning of 2016, only 4% of Tails users were still using a 32-bit computer. Of course, some of these computers will keep working for a while. But once the number had fallen this low, the benefits of switching Tails to 64-bit outweighed the reasons we had to keep supporting 32-bit computers," says the Tails team... "In the last few years, the developers who maintain Tails have spent lots of time addressing such issues. We would rather see them spend their time in ways that benefit our users on the long term, and not on problems that will vanish when Tails switches to 64-bit eventually."

97 comments

  1. One line could use some explanation. by Anonymous Coward · · Score: 4, Insightful

    Not to mention, 64-bit processors are more secure too...

    I'm not posting to doubt the author's assertion here, but rather to request more information: a link to the security benefits of one size over another would be nice. Is DEP something inherently impossible on 32-bit processors? Is the advantage really linked to word size, or is it more a function of new parts added to more recent processors?

    1. Re: One line could use some explanation. by Anonymous Coward · · Score: 3, Informative

      As per Tails:

      "software built for 64-bit processors can benefit from several improvements that make it harder for attackers to exploit security vulnerabilities (improved Address space layout randomization, compulsory support for the NX bit)."

    2. Re:One line could use some explanation. by Dunbal · · Score: 1, Interesting

      Yes I doubt this assumption too, simply because 64 bit processors are newer iterations closer to alterable microcode and "trusted computing".

      --
      Seven puppies were harmed during the making of this post.
    3. Re:One line could use some explanation. by AHuxley · · Score: 2

      AC think of the way an older OS would access memory and how malware could find interesting details at expected, almost set locations.
      Generations of malware could expect an OS and memory to work in a set way and code for information gathering.
      With 64 bit that information can be spread over memory in different ways or over a lot more memory beyond the limits of older systems malware.
      Protecting is provided by making malware have to hunt for more secure details in more random places in memory every time on newer hardware.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:One line could use some explanation. by Anonymous Coward · · Score: 1

      Please, most malware as-is today doesn't give two fucks about ASLR. They depend upon the practices taught today which results in shoddy bloated, vulnerable code.

      These problems simply wouldn't happen if people knew how to code small and quit trying to make a program do everything. This is why Unix is so rock fucking solid.

    5. Re:One line could use some explanation. by wbr1 · · Score: 2

      Modern, 64 bit CPUs also contain things like Intel's IME (or the AMD alternative), a small, always on CPU with network access. This is more secure?

      --
      Silence is a state of mime.
    6. Re:One line could use some explanation. by Anonymous Coward · · Score: 1

      That's the purpose of this news, to encourage everyone to use 64 bit CPU with Intel's IME so everyone can be de-anonimized and tracked.

    7. Re:One line could use some explanation. by Darinbob · · Score: 1

      I'm replying here to explicitly doubt the author's assertion. It's a silly thing to be asserting. Security is not in the size of a system's registers or address bus. A good 32-bit SoC with crypto hardware may be much more secure than a 64-bit CPU.

    8. Re:One line could use some explanation. by Darinbob · · Score: 1

      Just dump Intel and be more secure overall.

    9. Re:One line could use some explanation. by Anonymous Coward · · Score: 0

      > They depend upon the practices taught today which are based on object oriented programming.

      Fixed That For You.

    10. Re: One line could use some explanation. by Anonymous Coward · · Score: 0

      Tails needs to be banned. Only pedophiles and terrorists need to worry about privacy. What are you hiding?

      -AC

    11. Re:One line could use some explanation. by Anonymous Coward · · Score: 0

      I was about to make that comment. When Intel gets poked with a stick by the government, your 64 bit processor will roll over and tell them everything. IME (etc) is the enabling technology. I stay away from it, just like CPU serial numbers.

      Also, a 64 bit processor has a larger "bug surface" (bigger die), newer, less-researched bugs, less bug work-arounds (per bug) in the field...

      You are going to need to point to an in-depth study that takes all these things into account rather than just saying "64 bit is more secure" and expecting us to believe it.

      Somebody needs to take over the 32 bit build. I would rather have the option to run 32 bit, even if it is less tested / I help test it.

    12. Re:One line could use some explanation. by thegarbz · · Score: 1

      In favour of what exactly?

    13. Re:One line could use some explanation. by Anonymous Coward · · Score: 0

      The security is in the size of the virtual address space, which makes exploits more difficult by making valid pointers sparse.
      It also allows more easily for adding guard pages (as the address space bloat is more affordable).

    14. Re:One line could use some explanation. by admin7087 · · Score: 1

      The problem is the opposite, all recent processors/motherboards are insecure. They contain a processor on its own, with its operating system, network stack, and complete access to all hard disks and RAM of the machine, and that little embedded OS can be controlled and triggered from the network.

    15. Re:One line could use some explanation. by arth1 · · Score: 1

      It goes both ways. More modern systems also have more features that might be exploited, while older systems may have a much higher ratio of vulnerabilities already discovered and with workarounds for them.
      And, of course, the number of attacks against a system is going to have at least some proportionality to how popular it is.

  2. seems to be time... by Anonymous Coward · · Score: 1

    Consumer 64 bit CPUs have been around since the 2003 AMD Opteron, so getting on towards a decade and a half soon now. And workstation class 64 bit was available for many years before that.

    It's cool that Linux itself supports really old hardware, but when it comes to a small distro team trying to support niche architectures, sometimes you have to pick your battles. If there's sufficient interest in 32 bit, then the interested parties can provide the necessary support.

    Dealing with security and privacy is hard, and there aren't many OSs trying to do it at all, so it seems apt for the Tails team to focus where they can have the maximum impact for the resources they have available.

    1. Re:seems to be time... by ShanghaiBill · · Score: 4, Interesting

      Consumer 64 bit CPUs have been around since the 2003 AMD Opteron

      Linux runs on many many embedded systems that are 32 bit, including plenty of new devices. It is likely that these are even the majority of running Linux instances. This particular distro may only be interested in the 64-bit desktop/laptop/server market, but many other distros would be foolish to abandon the embedded market.

    2. Re:seems to be time... by Anonymous Coward · · Score: 0

      Or tails is poned and 64bit processors are all backdoored. If tails no long works on older no backdoored hardware....

    3. Re:seems to be time... by Anonymous Coward · · Score: 0

      Ah, the 'Old Hardware' gambit eh? so what about those of us running this stuff in 'disposable' VMs on shiny new boxes?

  3. How do they know... by Anonymous Coward · · Score: 5, Interesting

    ... that 4% of users are using 32-bit systems? Can't be that private if they're collecting telemetry from their own userbase...

    1. Re:How do they know... by Motherfucking+Shit · · Score: 5, Informative

      The official announcement says "These statistics are gathered from bug reports we have received from WhisperBack." WhisperBack is a voluntary, manual bug reporting system that comes with Tails. So they're only collecting "telemetry" from users who are voluntarily submitting it; that may not be the best barometer of who's using 32-bit systems, but it's all they have to go by.

      --
      "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
    2. Re:How do they know... by KiloByte · · Score: 1

      As a comparison, Debian popcon shows i386 users being 27% of amd64's number, yet by counting bug reports filed after 2016-01-01 that include system information, that's 7%.

      I see two possible explanations for this discrepancy: either i386 installations are old ones that were installed as such because the user didn't know better (the i386 installer was shown more prominently), or that such users are too untechnical to participate in filing reports.

      In any case, getting a non-thoroughly-embedded machine without amd64 support takes some serious dumpster diving.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    3. Re:How do they know... by adolf · · Score: 1

      A year or two ago, my dad (an avid dumpster diver) found a working and very clean Dell Latitude 32-bit D620 laptop. I shaved some parts off that I needed for my own D620 and sold the display+housing complete on Ebay, because...because.

      I'm about to ditch the D620 altogether (in favor of kvm/qemu guest, possibly Tails) and then I will not have any more 32-bit x86 machines for my own personal purposes.

      --
      Kid-proof tablet..
    4. Re:How do they know... by reiscw · · Score: 1

      Debian supports multiarch, so many of us have i386 packages installed on the amd64 of Debian. Wine / Crossover does this a lot. That's another explanation for the discrepancy.

    5. Re:How do they know... by Anonymous Coward · · Score: 0

      Another simple but useful metric could be the number of downloads of 32-bit vs 64-bit images

    6. Re:How do they know... by Anonymous Coward · · Score: 0

      These statistics tell us what we already knew -- that the newer 64-bit crap is more buggy than the older tried-and-true 32-bit stuff.

    7. Re: How do they know... by Anonymous Coward · · Score: 0

      Surely the download stats on the two variants is enough to judge demand.

    8. Re:How do they know... by Anonymous Coward · · Score: 0

      The D620 used a Core2 which is 64bit.

      As for "dumpster diving" I have dozens of i386 systems laying around. Prob more of those than 64bit(which includes my G5 Powermac & Sun UltraSPARC systems).

      A Pentium 3 will play dvd quality divx/xvid with no problems. Why pitch that which can be useful. Further, Intel didn't start 64 bit till 2004 & didn't go fully 64 bit til 2007 ish(they were still selling Core Duo & P4 inventory even then). The Athlon XP was still sold alongside the Athlon64s for a while as well.

    9. Re:How do they know... by Anonymous Coward · · Score: 0

      A Pentium 3 will play dvd quality divx/xvid with no problems.

      At a much higher electricity cost, and you can't do much else on the system.

    10. Re: How do they know... by Anonymous Coward · · Score: 0

      Could be that.

      Or they've based it on the machines' configuration that makes the download request

    11. Re:How do they know... by sjames · · Score: 1

      It could also mean that the software isn't yet 64 bit clean.

    12. Re:How do they know... by toddestan · · Score: 1

      Not really, the Coppermine P3's are pretty efficient. A lot of them use less than 20W at full load until you start approaching the 1 GHz mark.

  4. That's not good... by MindPrison · · Score: 5, Interesting

    Considering who the platform was meant to help in the first place, this is not good news.

    Imagine this scenario, you're an informer on the run, you have to hide because you've got a secret that must eventually get out to the public. You have no access to modern computer, but could possibly scrape together some old computer parts to make one, perhaps an old disgarded 32 bit laptop somewhere in the dumpsters in an opressed country where even old computers are gold.

    And you can't install it because it requires a 64 bit processor, well - bummer.

    Any other day I'd agree with that decision, but in this case - I think it should be as compatible as possible with as much hardware as possible, focus less on modern things, and focus more on safe communications.

    --
    What this world is coming to - is for you and me to decide.
    1. Re:That's not good... by Anonymous Coward · · Score: 1

      Or... you've been living under Taliban rule and now they've fled you've dug up your trusty old Commodore. What then, huh?

    2. Re:That's not good... by Anonymous Coward · · Score: 0

      Oh man the Jon Katz days... Dig up that Commodore 64 and download the latest DivX movie release

    3. Re:That's not good... by Anonymous Coward · · Score: 0

      Eventually though, the "old discarded laptop" in that scenario will be a (lightning fast by today's standards) 64-bit laptop.

    4. Re: That's not good... by Anonymous Coward · · Score: 0

      That's cute but the real interesting stats is that 4% of users are real privacy concious individuals with tracks to cover and the other 96% are middle aged white guys staying in hotels with their wives trying to get free wi-fi and tap into their alpha male so they can be an animal under the sheets.

    5. Re: That's not good... by Anonymous Coward · · Score: 1

      Free wi-fi is intriguing to me, but I don't see anything about wi-fi in your newsletter.

    6. Re:That's not good... by AHuxley · · Score: 1

      What happens when a nations telco supports the security services and then moves in for some equipment interference?
      With 64 bit and better security, encryption and memory an application might just offer a bit more protection.
      With very old computers a lot of interesting user details just exist in memory in set places for any security service to gather without much effort.
      Computers that will be tracked and will face equipment interference need all the encryption and modern hardware support a developer can offer.

      --
      Domestic spying is now "Benign Information Gathering"
    7. Re:That's not good... by Anonymous Coward · · Score: 0

      That's easy, just use Linux from Scratch! Compile everything from start to finish!

    8. Re:That's not good... by thegarbz · · Score: 1

      You have no access to modern computer, but could possibly scrape together some old computer parts to make one, perhaps an old discarded 32 bit laptop somewhere in the dumpsters in an oppressed country where even old computers are gold.

      It may just be a sign of the times but a) if you're in such an oppressed country if the laptop is working you won't find it in a dumpster, and b) if you're not in quite such an oppressed country your dumpster laptop will very likely be 64bit anyway. Do remember that 64bit processors have been around for 15 years now. If your only source of equipment is older than this, being able to get software to run on it will be the least of your problems.

      and focus more on safe communications

      This is exactly why they are making the move.

    9. Re:That's not good... by Ramze · · Score: 1

      AMD released the first intel-compatible 64 bit processors in 2000. That's almost 17 years ago. Sure, people kept buying 32-bit crap for a long while after that, but even Intel saw the writing on the wall, licensed the tech, and eventually mostly moved everything over to it.

      It's more difficult to find electricity and an internet connection than it is to find a 64 bit machine in poverty-stricken and/or war-torn countries. I threw away my first 64-bit AMD machine well over a decade ago. I'm sure there's mountains of them at recycling centers in Asia.

      I don't think your average refugee is dumpster diving for computer parts -- anything that's gotten wet or crushed is most likely useless, and one would instead go to a garage sale or some other second-hand store to get parts anyway.

      North Korea's Red Star OS 3.0 had both x86 and 64-bit versions three years ago. Even they have probably moved to 64-bit only by now. I'm hard pressed to think of a country with higher sanctions and barriers to technology and freedom than NK, but if there is one, I bet their computers are 64 bit by now also.

  5. BIOS for 32b x86 CPU's are not Backdoored ... by Anonymous Coward · · Score: 1

    You have to go back over 10 years for Intel and a few generations for AMD to be able to build firmware for your mainboard that is all open source, without all the closed Blobs. So what's the point of a secure OS with a backdoored BIOS?

  6. stupid by Anonymous Coward · · Score: 0

    plain and simple

  7. I don't blame 'em & I feel the same... apk by Anonymous Coward · · Score: 0

    See my subject: I said it the other day in an Apple article (they're heading same way & soon so am I) https://apple.slashdot.org/comments.pl?sid=10190241&cid=53786367/

    * It makes sense & makes things easier not having to pay attention to 2 builds vs. 1... in my case, this may be the last 32-bit build ever in SR-7 that I released yesterday.

    (Mine's simple to do though - I build the 64-bit model 1st, & then simply copy it's single unit over to the 32-bit model's folder, editing "32-bit" strings to "64-bit" for string resources + retargetting it to 32-bit - it's EXACTLY the same code is why it's simpler to do - gotta LOVE Delphi for that & the fact it compiles on all the 'majors' in 32 bit, mostly in 64-bit, & soon ALL 64-bit, AGAIN including Linux (then, I port this program to 'everywhere'))

    APK

    P.S.=> However, I ask users who email me on questions on how to fully use the program, what version they use - 1st few years, it was rougly a 50/50 split between 32 & 64 bit usage - now? It's almost PURE 64-bit, 4++ yrs. later (after public release, it's MUCH older than that but I kept it to myself but the 'malware explosion' circa 2008-2011 is what made me let it out as a freebie)... apk

    1. Re:I don't blame 'em & I feel the same... apk by Anonymous Coward · · Score: 0

      New flash: Nobody cares what you think.

  8. Forced obsolescence of 32 bit devices by Anonymous Coward · · Score: 0

    > 64-bit processors are more secure too...

    Sure, when Apple does it it's because they're money-grubbing pricks, but when a Linux vendor does it, it's because of security.

  9. Inevitable by m.dillon · · Score: 5, Insightful

    We already dropped 32-bit support in DFly. There are many good reasons for doing it on Linux and the other BSDs as well. I will outline a few of them.

    (1) The big reason is that kernel algorithms on FreeBSD, DragonFly, and Linux are starting to seriously rely on having a 64-bit address space to be able to properly size kernel data structures and KVM reservations. While (for FreeBSD) 32 bit builds still work, resource limitations are fairly confining relative to the resources that modern machines have (even 32-bit ones).

    (2) Being able to have a DMAP makes kernel programming a whole lot easier. You can't have one on a 32-bit system unless you limit ram to something like 1GB. Being able to make a DMAP a kernel-standard requirement is important moving forwards.

    (3) Modern systems are beginning to rely more and more (on x86 anyway) on having the %xmm registers available. To the point where many compilers now just assume that they will exist. ARM's 64-bit architecture also has some nice goodies that it would be nice to be able to rely on being available in-kernel.

    (4) Optimizations for 64-bit systems create regressions on 32-bit systems. Memory copies, zeroing, and setmem, for example. Even if 32-bit support is kept, performance on those systems will continue to drop.

    (5) There is a lot of ancient cruft in 32-bit code that we kernel programmers don't like to have to sift through. For example, being able to get rid of the EISA and most of the ISA support went a long ways towards cleaning up the codebase. Old drivers are a stick in the craw because nobody can test them any more, so the chances of them even working on an old system is reduced for every release. Eventually it gets to the point where there's no point trying to maintain the old driver.

    (6) People should not expect modern features on old machines. The cost of replacing that old machine is minimal. Live with it. It's part of the price of progress. If the industry is a bit slow understanding what 'old' means, than the fewer systems which support these older architectures the better, it will make the point more obvious to the corporations who've lost their innovative edge.

    (7) For ARM, going back to the corporate point, there's really no reason under the sun to continue to produce 32-bit cpus, even for highly embedded and IOT stuff. The world has moved on, and even embedded systems have major resource limitations in 32-bit configurations. If kernel programmers have to put an exclamation mark on that point, then so be it.

    -Matt

    1. Re:Inevitable by Anonymous Coward · · Score: 0

      Wow. I never thought the day would come that Windows is better suited to low end hardware than Linux or *BSD. Windows 10 has first class 32-bit support (on x86 at least) and requires that ALL drivers work on these systems to get signed (which they all need to be). Additionally, it has massively improved its memory usage and aggressively merges pages and compresses memory when under memory pressure (as well as silently unloading "modern apps") avoiding swapping and making it actually pleasant to use on machines with 2GB of RAM, something I haven't managed with Ubuntu. It even supports just 1GB of RAM, but I haven't tested that myself.

      While there are Linux distributions targeting low end hardware, they increasingly make choices that alienate potential users by choosing unpopular desktops/window managers in the name of saving resources and ultimately make the machine less pleasant to use. I think MS made the correct decision here by making their full desktop and all its features fully suited to low end machines in the first place.

      I haven't tried any of the *BSDs recently but Linux makes life very difficult on low memory hardware by forcing KSM to only work on memory marked as mergeable (applications have to opt in with a call to madvise() on each chunk of allocated memory) - and the memory compression implementation zram is garbage because it requires a dedicated fixed-sized chunk of RAM to be reserved for it and only works via the swap mechanism - never eagerly compressing pages when it can nor eagerly decompressing them when memory pressure eases making the latency of this operation user noticeable.

      Additionally, the support lifecycle for Windows 10 guarantees full support and security patches until at least 2016 so x86 hardware with minimum 1GB of RAM will be supported for a LONG time to come.

    2. Re:Inevitable by Anonymous Coward · · Score: 0

      *I meant 2026 for the support lifecycle not 2016.

    3. Re:Inevitable by hairyfeet · · Score: 1

      Wow...how very first world of you. Did it never occur to you that people in the third world, in places that have oppressive governments and can actually USE this software, are often stuck dealing with old hand me downs from the first world and the cost of replacing those systems cost more than a years wages?

      Just because the cost is trivial to YOU does not mean its trivial to the rest of the world, and when it comes to a tool that is designed to help those in repressive regimes? That kind of attitude is not only arrogant but just shows the devs haven't actually bothered to think about the conditions those who might use their software have to deal with.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    4. Re:Inevitable by Anonymous Coward · · Score: 0

      There is nothing stopping them from using the older versions on their old hardware.

    5. Re:Inevitable by eclectro · · Score: 1

      Whoa hold on there!!

      there's really no reason under the sun to continue to produce 32-bit cpus, even for highly embedded and IOT stuff.

      You actually had me going until that. There are a whole slew of reasons why a lower byte count would be needed for embedded and IOT stuff. For example countless IOT applications are going to need to be low current - low power low heat devices controlled by low current low power processors. It sometime still feels like to me that many 64bit processors still require close proximity to a nuclear plant because of their current draw. Certainly nothing that can be powered by a small battery alone for a couple of weeks to a month. And if they are truly low power (single digit wattage) they simply will not have the clock speed/horsepower to be able to run 64 bit compiled kernel code. I won't even get into the power conservation reasons of billions of IOT devices needing to be low current. Nor the price point that IOT devices will need to be at (aka market demand). Forcing a "one size fits all" mentality demonstrably does not work here and is counterproductive.

      --
      Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
    6. Re:Inevitable by mlyle · · Score: 2

      The grandparent poster is volunteering his time to make a thing that people like (DragonFly BSD). There are limited resources to be spread. Old versions will continue to work unmaintained, just like the old hardware does.

      How much should he increase his effort to support smaller and smaller populations? If supporting x86 is a 15% "tax" on developer time and resources-- is it worth it if 10% of the userbase is x86-64? 5%? 1%? How long should we still be supporting things? 386's are still out there.

      > That kind of attitude is not only arrogant but just shows the devs haven't actually bothered to think about the conditions those who might use their software have to deal with.

      No.. the attitude where you expect people donating their work and resources and time to work on what you would like them to is arrogant.

    7. Re:Inevitable by somenickname · · Score: 1

      32-bit machines may eventually go away but, to argue that the reason for them to go away is "because kernel stuff is irritating" is crazy. Even if there is no reason to continue to produce 32-bit hardware, it will be around for *decades*. The number of 32-bit embedded ARM CPUs out there has got to number in the billions. Changing hardware is much, much harder than changing software so, as a kernel developer, I think you'll find it's a very uphill battle to "put an exclamation mark on that point". The kernel will remain 32-bit compatible for decades because the people who contribute to the kernel have a vested interest in not changing their hardware.

    8. Re:Inevitable by serviscope_minor · · Score: 1

      (7) For ARM, going back to the corporate point, there's really no reason under the sun to continue to produce 32-bit cpus, even for highly embedded and IOT stuff.

      If you think you can beat the power draw of the 8 bit PIC 10F series or some sort of attiny with a 64 bit (!) CPU then please send me whatever it is you're smoking because it's some good shit.

      The world has moved on, and even embedded systems have major resource limitations in 32-bit configurations. If kernel programmers have to put an exclamation mark on that point, then so be it.

      Yeah no. The current embedded CPU I'm using has a glorious 4k of RAM (luxurious compard to the 64 bytes of a PIC10F or 12F). I can't see how moving from 8 to 64 bits would ease any resource limitations, unless you're thinking of giving me over 1000 times the amount of memory.

      But of course that takes 1000 tims the amount of power to run, so unless you have some batteries which use sintered unicorn horn cathodes to power these things, I'll keep my 4k thnakyou very much. Currently I'm using a CR2032 and get very many hours of runtime.

      I am considering moving to a newer 32 bit CPU. 64k RAM, but lower overall power draw being a newer design on a newer process and also reduces the parts count with an on-chip BALUN. I don't see how 64 bit pointers will help in the slightest with 64k of RAM.

      The other embedded machine I have of course is an RPi. Much larger, but only has a gig of ram if that (I've not checked---it has assloads). Again, 64 bit pointers won't help there.

      --
      SJW n. One who posts facts.
    9. Re:Inevitable by Darinbob · · Score: 1

      They should just be clear and say "We're making linux for PeeCees. We don't understand other types of systems. We think 32-bit means old and 64-bit means new."

    10. Re:Inevitable by Darinbob · · Score: 2

      Yup, bigger CPUs take more power, there's no need for a large amount of address space (which is the only practical thing you get from 64-bit). I'm working on a system with 20kb RAM which has to run off of a small battery for more than a decade. 64-bit has no applicability there. If it's a PC then sure, the newer CPUs tend to be 64-bit but outside of the PC monoculture there is a whole lot of other stuff that can run linux where 32-bit could actually be more secure. The smartcard market has parts that are based on 8-bit 8051 running Java VMs with crypto accelerators.

    11. Re:Inevitable by Darinbob · · Score: 1

      Why would they go away? 8-bit CPUs are still around and going strong.

    12. Re:Inevitable by Anonymous Coward · · Score: 1

      Those 8-bit systems aren't running Linux or *BSD, so bringing them up is irrelevant. Why even bother with them when you can't run Linux on this single transistor here?

    13. Re:Inevitable by Anonymous Coward · · Score: 0

      Security, eh? My little single core 32bit netbook, is running OpenBSD 6.0 with a XFCE desktop quite nicely thank you.

      Kids, these days...

    14. Re:Inevitable by Anonymous Coward · · Score: 1

      Switch to OpenBSD 6.0. They still release i386 versions and my little netbook runs happily.

      OpenBSD still supports the following:

      alpha Digital Alpha-based systems

      amd64 AMD64-based systems

      armv7 ARM-based devices, such as BeagleBone, BeagleBoard, PandaBoard ES, Cubox-i, SABRE Lite, Nitrogen6x and Wandboard

      hppa Hewlett-Packard Precision Architecture (PA-RISC) systems

      i386 Standard PC and clones based on the Intel i386 architecture and compatible processors

      landisk IO-DATA Landisk systems (such as USL-5P) based on the SH4 cpu

      loongson Loongson 2E- and 2F-based systems, such as the Lemote Fuloong and Yeeloong, Gdium Liberty, etc.

      luna88k Omron LUNA-88K and LUNA-88K2 workstations

      macppc Apple New World PowerPC-based machines, from the iMac onwards

      octeon Cavium Octeon-based MIPS64 systems

      sgi SGI MIPS-based workstations

      socppc Freescale PowerPC SoC-based machines

      sparc64 Sun UltraSPARC and Fujitsu SPARC64 systems

    15. Re:Inevitable by Anonymous Coward · · Score: 0

      Not if you want to run secure paranoid-ware, like TFA is about.

    16. Re:Inevitable by Anonymous Coward · · Score: 0

      That's all well and good, so I know that there will be no problems for the CPU manufacturers turning out product to fund your needs.

      Oh wait, I'll bet that your single digit wattage, IOT specialized processor sells for a few bucks at most, with correspondingly low profit margins.

      Your software needs will similarly be funded by well-paid, highly talented, specialized software engineers who can support their families based upon the revenue streams you send their way.

      Oh wait, I'll bet that you are using FOSS, and even if you are supporting those devs financially, your support amounts to 1% or less of what it actually costs to produce fully funded code to your specifications. In fact the only reason this model works at all is pooled dev activity and donated time.

      Did I miss anything there?

    17. Re:Inevitable by chmod+a+x+mojo · · Score: 1

      The cost of replacing that old machine is minimal. Live with it. It's part of the price of progress.

      Some of us quite literally can't. Your "minimal" cost is over $150K for one of the machines I use, with the actual machine being maybe $600, the rest being software licenses to work on OS's newer than the mid 90's and interface adapters to work with machines more advanced than a Pentium II.

      --
      To err is human; effective mayhem requires the root password!
    18. Re:Inevitable by Anonymous Coward · · Score: 0

      Very difficult to replace my 32-bit netbook. They simply don't do netbooks any more.

    19. Re:Inevitable by serviscope_minor · · Score: 1

      Your claim doesn't stand up.

      Very many embedded 32 bit cores are too small to rnu Linux and BSD as well, yet the OP claims there's no need to ever use a 32 bit ARM core when 64 bit ones exist. Embeddd stuff covers a vast amount of profiles from 8 bit with literally bytes of RAM to massive DSP beasts.

      He's claiming that on 32 bit cores it's hard to implement some kernel feature if you have less than a gig of RAM. Hardly any embedded system has remotely that much.

      --
      SJW n. One who posts facts.
    20. Re:Inevitable by Anonymous Coward · · Score: 0

      Correction, he's stating that it is hard to implement a DMAP in a 32 bit kernel unless you want to limit the rest of the system to 1 GB of RAM, meaning the other 3 GB would be for the kernel only.

    21. Re:Inevitable by Anonymous Coward · · Score: 0

      '...The cost of replacing that old machine is minimal. Live with it. It's part of the price of progress.'
      Hah,

      We replaced one single linux server with five (count 'em folks!) Win 2kXY servers, we've already lost (as in: doesn't fscking work..) one of them...
      We replaced 4 rock solid XP CAD boxes with 4 Win7 Boxes, c/w shiny new versions of the software at $illy Money$ per seat...notice how the 'rock solid' appellation disappeared there? (and, the fact that we're still running the old software on a 'hidden' machine should tell you something else as well...)

      Minimal cost?, I think not...the cost of one of the graphics cards alone in the new CAD machines was something like 3x the cost of the original Linux server and it's total running costs over the five years it had been doing the job, does it help the overall design process?, does it buggery...two years down the line there are still unresolved software issues (which will not be fixed now in the version of the software we have licenses for..oh, did I also mention it makes a pigs ear out og importing the older versions files?, not the sort of behaviour you want in CAD software, especially before you send the files up to the CNC machines..)
      5 hours of my time (and I'm not the official support btw, that, as they say, is another story....) firefighting server problems which held up that day's production for what would have been a 10-15 minute job max on the old Linux server (a 32bit Slackware box, for the record...)

      The money for this fantastic upgrade had to come from somewhere...so we lost a man from the team, progress, it's so wonderful...

    22. Re:Inevitable by Anonymous Coward · · Score: 0

      Yeah, none of your arguments are related to security. Getting rid of EISA and ISA has very little impact since they are not around anymore. 32bit CPUs are still running. I have a couple of them.

    23. Re:Inevitable by mlyle · · Score: 1

      Yes, and get results like this: http://www.phoronix.com/scan.p...

    24. Re:Inevitable by sad_ · · Score: 1

      it's also open source, if there is that many demand for a 32bit Tails somebody will pick it up and maintain it as a fork.

      --
      On a long enough timeline, the survival rate for everyone drops to zero.
    25. Re:Inevitable by hairyfeet · · Score: 1

      The whole "there is the source" argument is an is ought fallacy because its assumes because there IS source their OUGHT to be enough coders that 1.- understand deep level security in Linux, 2.- the interdependence these various apps have with each other and the OS well enough to keep from making accidental backdoors and 3.- also have a deep enough understand of web tracking methods including the ever evolving tracking tactics to insure new innovations like hidden pixels don't latch on for a ride.

      To say there is source is like me saying I will offer you a free car only for you to get there and me to hand you some raw ore and the blueprint for a Honda...what you HAVE ridden in a car, know what they look like, yes? Why can't you simply build a car? You can't because you do not have the tools, the education, and years of experience required to complete the task and neither does 99.998% of users of this software, and more like 99.9999% of people in repressive regimes where this kind of software was originally targeted. In most cases including this one source might as well not exist because nobody outside the original core team is gonna have the knowledge and experience to actually make this work.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    26. Re:Inevitable by toddestan · · Score: 1

      The problem with Windows 10 (and Windows 8) is that it requires the NX bit be present on the processor. The NX bit came in around the same time as Intel was making the transition to 64-bit, so while there are a small handful of 32-bit processors that can run Windows 10, the vast majority of 32-bit Windows 10 systems are going to be running on 64-bit hardware because it won't boot on most 32-bit systems. So while you can run Tails (for now) on that Socket 478 P4 or Athlon XP, you can't run Windows 10 on it, even if the hardware is otherwise powerful enough.

      Also, as far as I know the requirement for signed drivers is only for 64-bit Windows. Which makes sense, as the 32-bit version of Windows 10 is basically the "compatibility mode" version of Windows that you can try to use for all that old, crufty software and hardware that simply will never work on 64-bit.

  10. Worse thought: by Anonymous Coward · · Score: 0

    It is being done to give a false sense of security since over half of the computers out today have Intel ME or AMD's equivalent on them, and make it easier to make Tails appear secure for whistleblower usage when in actuality the backdoored ME means everything you thought was done securely via Tails has actually been backdoored. Whereas the slightly less secure 32 bit processors are actually more secure because they didn't leak your keys!

  11. Surprising by DaMattster · · Score: 1

    I honestly thought Edward Snowden might use OpenBSD because it is more secure than Linux. The allegations of backdoors in the IPSEC stack were proven to be false during an intensive security audit by the OpenBSD team. The OpenBSD team regularly audits their code and is transparent about bugs found. But, I digress, I am an OpenBSD fanboi. OpenBSD powers my router/gateway, server, desktop, and laptop. In my world, if it is capable of running OpenBSD, it does.

    1. Re:Surprising by Cmdln+Daco · · Score: 1

      I am a NetBSD fan, but OpenBSD is very similar and almost as portable. If it is capable of running NetBSD it exists. That's nearly the case, though I have some PalmPC devices that won't run NetBSD and Apple machines need to be new enough to sport a 68030 processor.

    2. Re:Surprising by Anonymous Coward · · Score: 0

      Obligatory XKCD about precisely this problem.

              https://xkcd.com/538/

      And ohh, yes, our friends over at OpenBSD on the OpenSSH support still leave everyone's private SSH keys unencrypted by default, and have no structure for publishing *restricted* OpenSSH keys. Nor do they include a working host key signature method so that honeypots collecting attempted logins can be detected. If the honeypot is the first one you SSH to, you lose!!!

      You can start talking about OpenBSD's high security when you get them to acknowledge the very basic holes they refuse to address, because "that's how Theo thinks we should do it!!!"

    3. Re:Surprising by Anonymous Coward · · Score: 0

      He likely used Tails back then because it was tailor-made for anonymous communication.

      If he were to start with OpenBSD (Or Debian, or Fedora, or ... ), he'd have to first be his own tailor. That's a lot of time and effort.

      He may use something else today.

  12. I guess word size is too difficult to abstract? by Anonymous Coward · · Score: 0

    Is it really such a bitch to abstract word size in this software? That's a rhetorical question, really. It shouldn't be that hard if you had actually been thinking about it all along. What happens when 128-bit CPUs become preferred? I remember the bad old days of segment:offset in 16-bit, and boy was I glad to forget about that. OTOH, if we can emulate floating-point on 8-but CPUs, why can't we just drop down to an emulator on 32-bit and at least sort of support it? Sure it'd run slower than native but at least it'd be something.

    1. Re:I guess word size is too difficult to abstract? by Anonymous Coward · · Score: 0

      What happens when 128-bit CPUs become preferred

      128-bit memory addressing seems unlikely in the foreseeable future. 2^64 is a very very large number.

    2. Re:I guess word size is too difficult to abstract? by Anonymous Coward · · Score: 0

      yeah, also 640k of RAM is too much, that's what Bill Gates said too right?
      640K is more memory than anyone will ever need

    3. Re:I guess word size is too difficult to abstract? by Anonymous Coward · · Score: 0

      Sigh. A retard who doesn't understand exponential growth.

      OK, take a current well-speced PC with 16GB RAM.

      You would need 1 billion times this amount of RAM to exhaust the 64-bit address space.

      And we are getting within a few orders of magnitude of the point where individual RAM cells will be a few atoms size.

      Therefore *physics* says that in terms of actual addressable memory we will never exhaust the 64-bit address space.

  13. Newsflash/clue for you - YOU do! by Anonymous Coward · · Score: 0

    Thanks for projecting you care & are scared shitless mr. advertiser/malwaremaker/botnetmaster/inferior competitor!

    * If you advertisers didn't infect us, slow us down, track us (same w/ malwaremakers-botnet herders)? You wouldn't have ever seen my program in the light of day - I'd have kept it to myself... & you inferior competitors? LOL - truly are, inferior - I do FAR more for FAR less far more efficiently giving users more speed, security, reliability + anonymity online than you could EVER do (& you know it).)

    APK

    P.S.=> How damn dumb could you be with a reply like that? 10 below plantlife IQ is how dumb, lol... apk

  14. Seems a bit odd by dbIII · · Score: 1

    Seems a bit odd to drop 32 bit with the Raspberry Pi and clones all over the place.

    1. Re:Seems a bit odd by Anonymous Coward · · Score: 0

      I dont think there is an arm version of tails.

  15. All intel CPU made prior to 2009 has a real mode C by Anonymous Coward · · Score: 0

    Anything in ring 0 or equiv can back door any older CPU with malicious firmware.

    All of you faggots claiming to be secure on 32 bit don't realise 1 malicious kernel module is all that is needed, and you are fucked.

    At least intel ME is manageable to an extent. Put it on a vlan, or just don't enable remote access.

    Sure, there might be similar bugs in more recent CPU, but we know older chips are now unsafe from a root level attack.

  16. Ok, I'll drop Tails then... by demon+driver · · Score: 1

    ... as my preferred privacy-centric OS. It's not as if there weren't alternatives. And 32-bit machines will be good enough to access the internet for many years to come. I'm allergic to software producers forcing me to upgrade hardware for no reason, and seeing what the audience for systems like Tails is, the decision is even more despicable, and I'd expect there to be a lot of people who'll be much less inclined, if even able, to upgrade their hardware on a whim than I am.

  17. As long as it compiles, by rene2 · · Score: 1

    we will not remove 32-bit x86 support from T2SDE:

    Also still got some mice 32-bit vintage machines, like Oqo01+ with Transmeta Efficieon, or Nokia Booklet 3G, with 32-bit only Atom Z, ...

    In general I find it a bit sad to remove support to use older machines for poor families and third world countries.

  18. hey ive got one honest question by Anonymous Coward · · Score: 0

    sooo, im not a computer guy but, arent the 64 bits computers perfectly capable of running 32 bits stuff?

    so the obvious question is: why dont they make only a 32 bit version of tails, so everybody can use it? because ive got the feeling the people running tails are not using it to run games so they really dont care if all their ram doesnt show up, and stuff like that, I mean, do you really need 64bits if you are an informer/snowden/spook? do you really need 64 bits to hack podestas email from siberia?

    also, arent the new cpus basically botnets? ive read that in some chan somewhere

    1. Re:hey ive got one honest question by Anonymous Coward · · Score: 0

      so the obvious question is: why dont they make only a 32 bit version of tails, so everybody can use it?

      You would need a 64-bit version of tails. That would enable you to run both 64-bit and 32-bit apps at the same time.

  19. Wrong Focus by Anonymous Coward · · Score: 0

    You are attempting to analyze this on the basis of first principles, but that is the wrong approach and it's steering you in an unhelpful direction.

    First principles does indeed dictate that there's nothing fundamental that makes 32-bit processors more secure than 64-bit processors. So what is wrong with the logic?

    The problem is that 32-bit processors tend to be older processors. And if they are new processors then they tend towards low cost, fewer features markets. The 64-bit processors are getting most of the feature goodness, most of the design time and attention. And those features certainly include security features.

    Just look at the No Execute feature of modern processors. After a couple of false starts, this finally came into it's own in 64-bit processors. Is there any fundamental reason why No Execute cannot be back-ported to 32-bit processors? No, but what incentives to the chip designers have to do this when 64-bit seems to be the way of the future?

    Clearly, it's not a sharp either-or, but the financial incentives tend to push the best stuff towards the newer designs and that generally means 64-bit.

  20. Tails is the NSA by Anonymous Coward · · Score: 0

    "only 4% of Tails users were still using a 32-bit computer."

    Tails is NSA, mein punks! Otherwise how would they know this!